how to config cisco 3550 about 802.1x with vlan assignment

Discussion in 'Cisco' started by brent, Oct 15, 2003.

  1. brent

    brent Guest

    as title
    pls tell me. thx
    brent, Oct 15, 2003
  2. brent

    Dalgaard Guest

    Dalgaard, Oct 15, 2003
  3. brent

    jmarkotic Guest

    Configured it couple of days ago. Here is important stuff.

    aaa authentication dot1x default group radius none
    dot1x system-auth-control
    interface FastEthernet0/3
    switchport mode access
    dot1x port-control auto
    dot1x guest-vlan 2
    spanning-tree portfast
    radius-server host auth-port 1812 acct-port 1813 key sifra

    On radius you define following attributes for user/or group:
    Tunnel-Private-Group-Id[81]=name_of_vlan(not vlan id)

    and that's it.
    I had to download new IOS for 3550 to get it done properly.

    jmarkotic, Oct 15, 2003
  4. I read your reply with interest, as I have previously struggled with getting
    the 3550 send RADIUS queries to the RADIUS server. With the newest IOS this
    seems to be taken care of, and they have now implemented guest VLAN's on the
    3550 too. That is great, but I cannot quite figure out where on the RADIUS
    server to configure the attributes you give. In my case I use the Cisco ACS
    server but your reply may give me a clue anyway.

    Regards, Harald Haugan
    Harald Haugan, Oct 20, 2003
  5. brent

    jmarkotic Guest

    Go to "Interface Configuration", that go to "Radius IETF".
    Check atrributes that you want (64, 65, 81) for user and/or group.
    After that, those attributes will show under user/group IETF radius


    jmarkotic, Oct 22, 2003
